What is it?
The QWAC PSD2 is a qualified certificate compliant with eIDAS and PSD2 RTS requirements that securely identifies the web server of an authorized operator in the payments sector. It is therefore similar to a regular SSL/TLS Server certificate but also attests to the Payment Service Provider (PSP) status of the certificate holder. The certificate includes the PSD2 attributes that identify:
- The regulated entity.
- The supervisory authority.
- The role of Card Issuer (CISP).
- The PSD2 role (AISP / PISP / ASPSP).
What a QWAC is used for in PSD2
It is used to authenticate the PSP’s web server to client systems connecting to it. During the TLS handshake, the server presents its QWAC to the client, and the client can verify:
- The identity of the entity (PSP) managing the server.
- The PSD2 role (AISP, PISP, CISP, ASPSP) of the PSP.
- The regulatory status of the PSP (i.e., that the PSP is authorized by a particular NCA – National Competent Authority).
- The validity of the certificate.
Available PSD2 Certificates
Actalis offers the following combinations:
- QWAC PSD2 – used to authenticate the web server of a PSP (and enable the secure TLS/SSL channel).
- PSD2 Bundle (QWAC + QSealC) – Available as a combined solution for operators who need both to:
- Authenticate the server;
- Sign the communications.
Validity and domain options
QWAC-type PSD2 certificates are available in the following variants:
- Validity: 1 year, 2 years depending on the chosen type.
- Renewal available through the portal.
- Domain types: Single Domain (1 FQDN), Multi-Domain (up to 10 domains).
Requirements for issuance
You must own the domain to be certified.
Issuance process
- Access the Actalis portal and select the PSD2 certificate.
- Choose between QWAC, QSealC, or QWAC+QSealC Bundle.
- Fill out the form with the required information (if you requested both QWAC and QSealC, you will be required to fill in 2 separate forms).
- Download the form(s) and digitally sign them.
- Send for verification.
- Our validation center will verify the data and contact you to request the CSR and proceed with issuing the certificate.
- Once issuance is complete, you will see your certificate (or certificates, in the case of QWAC + QSealC) in your client area.
Important notes
The certificate can only be issued to entities authorized by the National Competent Authority to operate as payment service providers. If Actalis cannot verify such authorization, the certificate cannot be issued.
in your browser, disable the blocker, then refresh the page. You can also check your connection and refresh the page.